Spring Boot mastery. Auto-configuration, security, Data JPA, Actuator, testing with TestContainers.
From godmodenpx claudepluginhub arbazkhan971/godmodeThis skill uses the workspace's default tool permissions.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
/godmode:spring, "spring boot", "spring security"Spring Boot version: <3.3.x>
Language: Java <version> | Kotlin <version>
Build tool: Maven | Gradle (Kotlin DSL preferred)
Architecture: Monolith | Modular | Microservices
Database: PostgreSQL | MySQL | MongoDB | Redis
Auth: JWT | OAuth2 | OIDC | Session | API key
Starter selection based on requirements:
spring-boot-starter-web REST API + Tomcat
spring-boot-starter-data-jpa JPA + Hibernate
spring-boot-starter-security Auth & authorization
spring-boot-starter-actuator Health + metrics
spring-boot-starter-validation Bean validation
spring-boot-starter-cache Caching abstraction
# Verify Spring Boot version
./gradlew dependencyInsight --dependency spring-boot
# Or Maven
./mvnw dependency:tree | grep spring-boot
spring:
jpa:
open-in-view: false # ALWAYS disable OSIV
hibernate.ddl-auto: validate # Flyway manages DDL
lifecycle:
timeout-per-shutdown-phase: 30s # graceful shutdown
IF open-in-view is true: disable immediately
(hides N+1 queries behind lazy loading)
IF ddl-auto is create/update: switch to validate
(Flyway/Liquibase for migrations)
WHEN deploying to K8s: enable graceful shutdown
AND configure liveness/readiness probes
SecurityFilterChain with lambda DSL:
.csrf(csrf -> csrf.disable()) # stateless API
.cors(withDefaults())
.sessionManagement(STATELESS)
.authorizeHttpRequests(auth -> auth
.requestMatchers("/api/public/**").permitAll()
.anyRequest().denyAll()) # deny by default
Rules:
DATA LAYER PATTERNS:
Derived queries: simple lookups by fields
JPQL JOIN FETCH: avoid N+1 on associations
Specifications: dynamic filtering (search)
Projections/DTOs: lightweight reads
@Version: optimistic locking
Flyway: schema version control
# Generate Flyway migration
flyway -url=jdbc:postgresql://localhost/mydb migrate
# Verify no N+1 queries in logs
grep "select.*from" app.log | sort | uniq -c | sort -rn
Rules:
ENDPOINTS:
/actuator/health Liveness probe
/actuator/health/ready Readiness probe
/actuator/prometheus Metrics scrape
/actuator/loggers Runtime log levels
/actuator/env DISABLED in prod
/actuator/heapdump DISABLED in prod
IF deploying to K8s: configure probes
livenessProbe: /actuator/health/liveness
readinessProbe: /actuator/health/readiness
initialDelaySeconds: 30, periodSeconds: 10
TESTING STRATEGY:
Unit (service): JUnit 5 + Mockito
Controller (HTTP): @WebMvcTest + MockMvc
Repository (data): @DataJpaTest + TestContainers
Integration (full): @SpringBootTest + TestContainers
Security: SecurityMockMvcConfigurers
Architecture: ArchUnit
# Run tests with TestContainers
./gradlew test
# Or Maven
./mvnw test
Rules:
| Check | Required |
|------------------------------|----------|
| OSIV disabled | YES |
| ddl-auto: validate | YES |
| Constructor injection only | YES |
| No entities from controllers | YES |
| Actuator restricted in prod | YES |
| TestContainers for DB tests | YES |
| Graceful shutdown configured | YES |
Log to .godmode/spring.tsv:
timestamp\taction\tentities\tcontrollers\tmigrations\ttests_status
SPRING: {action}. Files: {N}. Entities: {N}.
Tests: {status}. Build: {status}. Issues: {N}.
KEEP if: build passes AND tests pass
AND no deprecated API warnings introduced
DISCARD if: build fails OR tests fail
OR N+1 queries detected in logs
STOP when:
- All validation checks pass
- Build and tests green
- Actuator secured for production
- User requests stop